From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 15846 invoked from network); 26 Jan 2021 11:15:23 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 26 Jan 2021 11:15:23 -0000 Received: from mimir.eigenstate.org ([206.124.132.107]) by 1ess; Mon Jan 25 14:44:28 -0500 2021 Received: from abbatoir.fios-router.home (pool-74-101-2-6.nycmny.fios.verizon.net [74.101.2.6]) by mimir.eigenstate.org (OpenSMTPD) with ESMTPSA id 811a2f1c (TLSv1.2:ECDHE-RSA-AES256-SHA:256:NO) for <9front@9front.org>; Mon, 25 Jan 2021 11:44:14 -0800 (PST) Message-ID: <0298936785AE322EABB8CBD08698D520@eigenstate.org> To: 9front@9front.org Date: Mon, 25 Jan 2021 11:44:13 -0800 From: ori@eigenstate.org In-Reply-To: <861rean8s9.fsf@cmarib.ramside> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: blockchain YAML cache deep-learning-oriented layer Subject: Re: [9front] notes on user none Reply-To: 9front@9front.org Precedence: bulk Quoth magma698hfsp273p9f@icebubble.org: > ori@eigenstate.org writes: > > > One thing that's worth noting: The reason that none > > only looks at world permissions is that *anyone* can > > become none with no authentication -- which means > > that a file readable by none is equivalent to a world > > readable file. > > > > Making 'none' only look at the world permissions is > > a reasonable way to avoid fooling yourself. > > Um. What if the file is owned by "none", but chmod 0400? The u+r would > suggest that it would be readable. But, if only world permissions are > checked, the o-r suggests that it would be be unreadable. Yes, that's the "not fooling yourself" part. if none checked permissions as normal, you could simply do auth/none cat file as any user. if none can read it, so can anyon else.